CSCwn92248 - FTD FP2100 port-channel interfaces flap with LACP

i.sboras@athexgroup.gr · ‎05-12-2025

Hello, is there any estimated time of resolution for this bug?

marce1000 · ‎05-12-2025

- Note that your best approach to tackle this question is contacting Cisco's TAC ,

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Network Diver · ‎05-18-2025

We're having this on Firepower 1120 and 1150 devices, connected to N9K-C9348GC-FXP and also to N9K-C93180YC-FX, both running NXOS 10.2(4). But my posting was marked as SPAM.

https://community.cisco.com/t5/network-security/firepower-1000-series-causes-lacp-link-flaps-with-nexus-9k/m-p/5291826#M1121044

Network Diver · ‎05-22-2025

Link above to more in-depth details about this bug. I got response from Cisco TAC:

Can more than one port-channel member expire at once?

Yes. Due to the timer-management issue in the current FXOS/FTD code, when one member’s LACP state machine expires it can inadvertently drive the expired flag on all members of that same channel. When that happens, the switch will take down each affected link and, if enough members drop, the port-channel itself will clear and the FTD will trigger failover (since it’s monitoring link state).

Timing for a software correction

Engineering has prioritized CSCwn92248 for the upcoming 7.4.3 maintenance release (FXOS 2.15-series). At this time, QA is validating the fix and we expect it to become generally available in the July-timeframe (However, we do not have a definitive date yet). Once the maintenance train is officially posted, that build will include the corrected LACP-timer behavior so that members don’t all receive the expired indication simultaneously.